KROd - the keyrollover daemon

About

KROd is a program that performs automatic DNSSEC keyrollover and automatic conversion from DNS to DNSSEC. Doing KSK or ZSK keyrollover can become
quite complicated,
KROd is there to automate that process. It has the following features:

handles ZSK rollover

handles KSK rollover and it communicates with the parent server to ask for the keyset update

most key/signing params can be specified to KROd

a control channel ala zebra.

can be used to migrate a normal DNS zone to a DNSSEC zone quite easily(KROd does nearly all the key/signing jobs for you)

can save and reread its configuration, it is useful when a crash occurs(note: at the moment KROd is not completly statefull)

it is highly experimental(this feature is the most interesting one)

Requirements

KROd works on BIND 9.3 configuration files, and requires a RFC2535bis aware dns server( NSD is also capable of this but
KROd doesn't handle yet that kind of configuration files ).

KROd uses DNSsecToolkit to perform DNSSEC related operations. So you need to have what is required by DNSsecToolkit: